7 Commits

Author SHA1 Message Date
Oliver Walsh
c156534010 Skip Trilio dirs when setting ownership in /var/lib/nova
Trilio currently mounts an NFS export in /var/lib/nova to make it accessible
from within the nova_compute and nova_libvirt containers.
This can result in considerable delays when walking the directory tree to
ensure the ownership is correct.

This patch adds the ability to skip paths when recursively setting the
ownership and selinux context in /var/lib/nova. The list of paths to skip
can be set via te NovaStatedirOwnershipSkip heat parameter. This default to
the Trilio dir.

Change-Id: Ic6f053d56194613046ae0a4a908206ebb453fcf4
2020-10-23 16:55:13 +00:00
Michele Baldessari
87b365afd3 Fix Flakes and lower-constraints errors
With the switch to Ubuntu Focal for tox jobs via https://review.opendev.org/#/c/738322/
our 1.1.0 version of hacking pulls in old modules that are not compatible
with python3.8:
https://github.com/openstack/hacking/blob/1.1.0/requirements.txt#L6

Let's upgrade hacking to >= 3.0.1 and < 3.1.0 so that it supports python3.8
correctly. The newer hacking also triggered new errors which are
fixed in this review as well:
./tools/render-ansible-tasks.py:113:25: F841 local variable 'e' is assigned to but never used
./tools/yaml-validate.py:541:19: F999 '...'.format(...) has unused arguments at position(s): 2
./tools/render-ansible-tasks.py:126:1: E305 expected 2 blank lines after class or function definition, found 1
./tools/yaml-validate.py:33:1: E305 expected 2 blank lines after class or function definition, found 1
./container_config_scripts/tests/test_nova_statedir_ownership.py:35:1: E305 expected 2 blank lines after class or function definition, found 0

Also make sure we exclude .tox and __pycache__ from flake8 as well

We also need to change the lower-constraint requirements to make them
py3.8 compatible. See https://bugs.launchpad.net/nova/+bug/1886298
cffi==1.14.0
greenlet==0.4.15
MarkupSafe==1.1.0
paramiko==2.7.1

Suggested-By: Yatin Karel <ykarel@redhat.com>

Change-Id: Ic280ce9a51f26d165d4e93ba0dc0c47cdf8d7961
Closes-Bug: #1895093
2020-09-10 11:10:54 +02:00
David Hill
6c3c8b41de Avoid failing on deleted file
Avoid failing on deleted file as sometimes file might get
deleted while the script run.  Log the exception instead for
troubleshooting purposes.

Change-Id: I733cec2b34ef0bd0780ba5b0520127b911505e1b
2020-07-08 13:23:52 +01:00
Hervé Beraud
11f84b6302 Use unittest.mock instead of mock
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.

Change-Id: Iabd3e90a46fd087c8e780796e04fcc050c5277ab
2020-06-09 18:41:21 +02:00
Oliver Walsh
45dd4e18a5 Tolerate NFS exports in /var/lib/nova when selinux relabelling
When the :z bind mount option is used, podman peforms a recursive relabel of
the mount point which is failing with "Operation not supported" if there are
any NFS exports mounted within. While it's possible for NFS to support true
selinux labelling, in practice is rarely does.

As we are already walking the tree to set ownership/permission, take ownership
of the relabelling logic too and skip relabelling on subtrees where we hit this
error.

Change-Id: Id5503ed274bd5dc0c5365cc994de7e5cdcbc2fb6
Closes-bug: #1869020
2020-03-26 11:22:38 +00:00
Takashi Kajinami
f47dfe1059 Enforce pep8/pyflakes rule on python codes
This change makes sure that we apply pyflake8 checks on all python
codes to improve its readability.

Note that there are some rules applied for other OpenStack projects,
but not yet turned on, which should be enabled in the future.

Change-Id: Iaf0299983d3a3fe48e3beb8f47bd33c21deb4972
2019-09-05 15:40:46 +09:00
Emilien Macchi
160cddda3f Rename docker_config_scripts to container_config_scripts
Change-Id: Iabd65560c2fc28b3aeca07a21efa861c4c583c01
2019-03-06 09:05:50 -05:00